Printer Friendly

Re-Printed from Firewalls-and-Virus-Protection Articles and Reports,    

Major Buildup of Botnets Bodes Serious Trouble -   Is Your Computer Secure against the Storm?  

     Online criminals can use a virus to take control of large numbers of computers at a time, and turn them into "zombies" that can work together as a powerful "botnet" to perform malicious tasks. Botnets are highly valued by online criminals, and have become a serious problem on the Internet.

     InformationWeek (Aug. 2, 2007) reported that the current siege by the Storm Worm is 10 times larger than any other e-mail attack in the last two years -- amassing a combined botnet army of nearly 2 million computers

     A botnet - also known as a zombie army - is a number of Internet computers that have been set up to forward transmissions including spam or viruses to other computers on the Internet. Any such computer is referred to as a zombie - in effect, a computer "robot" or "bot" that serves the wishes of some master spam or virus originator.

Most computers compromised in this way are home-based and infected without the owners' knowledge. According to a report from Russian-based Kapersky Labs, botnets - not spam, viruses, or worms - currently pose the biggest threat to the Internet. A report from Symantec offers the same conclusion.

     Literally hundreds of thousands of computers have been harvested into Botnets that can distribute spam e-mail and infected greeting e-card messages, spread viruses, attack other computers and servers, and commit other kinds of crime and fraud.

     Computers that are captured into a zombie army are often those whose owners fail to provide effective firewalls and other safeguards. Many home computers have high speed connections that may be inadequately protected. A zombie or bot is often created through an Internet port that has been left open and through which a small Trojan horse program can be left for future activation. At a certain time, the zombie army "controller" can unleash targeted attacks with his Zombie army by sending a single command.

     Malware and targeted attacks are almost always
                         economically motivated
.

    The goal of today’s threats is to stay silent and hidden for as long as possible while stealing confidential and financial data from infected networks around the world.

     Researchers at software security firms have recorded over 400 million spam e-mails luring users to malicious Web sites. Before the Storm worm began its attack, about 1 million virus-laden e-mails circulated through the Internet daily. On July 19, the research firm Postini recorded 48.6 million and on July 24 they tracked 46.2 million malicious messages - more than 99% from the Storm worm. Researchers at SecureWorks reported similar staggering numbers as well.

     SecureWorks researchers noted that the number of zombie computers captured by Storm worm authors has increased dramatically. During the first months of 2007, they noted an increase of bot directed attacks from 2,815 to 1.7 million by the end of July.

     Editor's at the SANS Institute (the leading organization in computer security training) agree that the Storm worm is a very sophisticated piece of software and it is highly unlikely that it was created just to send spam.

             It's possible that your computer could already
              have a virus and be compromised into a botnet.


     A virus that makes your computer into a zombie might cause it to slow down, display mysterious messages, or work in an unexpected manner. These viruses usually do not disable your computer because zombie computers are useless to a bot master unless they can be operated when connected to the internet

     If your computer shows symptoms of virus infection, first make sure that the software is up to date. If you are running Windows Vista, Windows XP, Windows 2000, and Windows Server 2003, run the Microsoft Malicious Software Removal Tool. It checks for infections by specific, prevalent malicious software and helps remove any infection found.

     Free scans are offered by nearly all of the major security software providers. Some may only find and identity malware hidden in your system but request a paid subscription to remove it. Try a couple different anti-virus programs. If you don't already have an up-to-date anti-virus program, the small investment is good insurance. If you're running those Windows browsers, get a free scan with the Windows Live OneCare safety scanner. It'll remove infections and is free for 90 days.

     Subscribe to industry standard antivirus software and anti spyware software, and keep them current

     In addition to the basic precautions associated with surfing the web that we've reviewed a number of times, make certain that you use licensed software products. Botnets are often comprised mostly of computers that run illegally copied versions of operating system and productivity software.

     Unlicensed software can be more susceptible to viruses and can even come with viruses already installed without your knowledge.

     With a little extra caution and good up-to-date protection, you should be able to "Weather the Storm".

                                           ... Richard Rossbauer
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Richard started his "Firewalls and Virus Protection" website and "Security Alert News Reporter" to help everyday Internet users navigate safely through the Cyber Space that has become a 'Cyber Jungle', loaded with ambushes and booby traps. He promotes his "Computer Security Awareness Campaign" thru his website at http://www.firewalls-and-virus-protection.com
It's ok to reprint this report if content is unchanged and bio is included
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
© RichardPresents.com